This is the mail archive of the binutils@sourceware.org mailing list for the binutils project.
Re: Segmentation fault of 'objdump -x' in binutils-2.25.1
- From: Alan Modra <amodra at gmail dot com>
- To: Yunho Kim <kimyunho at kaist dot ac dot kr>
- Cc: binutils at sourceware dot org
- Date: Sat, 22 Aug 2015 16:28:49 +0930
- Subject: Re: Segmentation fault of 'objdump -x' in binutils-2.25.1
- Authentication-results: sourceware.org; auth=none
- References: <CACb46hNvU68ZkPwBuDkQ5g+05zWqx0W-i=jQEbHguFJ4fG6yvA at mail dot gmail dot com>
On Fri, Aug 21, 2015 at 01:03:55PM +0900, Yunho Kim wrote:
> *** Configuration and build option ***
> $ ./configure CFLAGS="-fsanitize=address" && make -j4
>
> I am using Debian 8.1 on x64 and gcc 4.9.2.
>
> *** Command that causes a crash ***
> $ ~/binutils-2.25.1/binutils/objdump -x objdump_crash
[snip]
> t->vd_nodename
> is not initialized at the function _bfd_elf_slurp_version_tables() (in
Thanks for the report.
Belt and braces fix. Either of the changes here is sufficient to
ensure vd_nodename is initialized properly, the memcpy change because
iverdef is calloc memory.
* elf.c (_bfd_elf_slurp_version_tables): Always init vd_nodename.
Don't copy fields not set by _bfd_elf_swap_verdef_in.
diff --git a/bfd/elf.c b/bfd/elf.c
index f20679e..f8e1295 100644
--- a/bfd/elf.c
+++ b/bfd/elf.c
@@ -7871,7 +7871,7 @@ error_return_verref:
goto error_return_bad_verdef;
iverdef = &iverdefarr[(iverdefmem.vd_ndx & VERSYM_VERSION) - 1];
- memcpy (iverdef, &iverdefmem, sizeof (Elf_Internal_Verdef));
+ memcpy (iverdef, &iverdefmem, offsetof (Elf_Internal_Verdef, vd_bfd));
iverdef->vd_bfd = abfd;
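Review bot: the new bound `offsetof (Elf_Internal_Verdef, vd_bfd)` is only correct while every field that `_bfd_elf_swap_verdef_in` fills sits before `vd_bfd` in the struct; a later reordering of `Elf_Internal_Verdef` would silently bring back the copy of uninitialized bytes from `iverdefmem`. Suggest a one-line comment at the memcpy (or beside the struct definition) stating that `vd_bfd` must stay the first field not set by the swap routine, and confirm that `offsetof` is available through `<stddef.h>` in this translation unit, since the hunk introduces it without adding an include.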
@@ -7920,6 +7920,7 @@ error_return_verref:
((bfd_byte *) everdaux + iverdaux->vda_next));
}
+ iverdef->vd_nodename = NULL;
if (iverdef->vd_cnt)
iverdef->vd_nodename = iverdef->vd_auxptr->vda_nodename;
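Review bot: the added `iverdef->vd_nodename = NULL;` gives the field a defined value on the path where `vd_cnt` is zero and the `if` below assigns nothing, which is the path the report describes. Since the message says either change alone suffices, with both applied this store duplicates the calloc zeros preserved by the first hunk, so a short comment marking it as deliberate defence in depth would stop a future cleanup from dropping it as dead. Also worth confirming that every consumer of `vd_nodename` tolerates NULL, because a NULL handed to string routines would merely turn the invalid read into a NULL dereference rather than remove the crash.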
--
Alan Modra
Australia Development Lab, IBM
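The reasoning in the reply (a bounded memcpy into calloc memory leaves the remaining fields zeroed, and either hunk alone is enough) can be checked on a small model. The following is an added example, not code from the patch or from binutils: it uses a hypothetical `struct verdef` that mirrors only the field ordering the patch relies on, a stand-in `swap_verdef_in` that fills just the on-disk fields, and a constructed 20-byte record with `vd_cnt == 0` so that the aux walk never assigns a name. The temporary is deliberately filled with 0xAA to stand in for stale stack contents; the real bug depended on whatever happened to be there.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for Elf_Internal_Verdef (not BFD's definition).
   Fields through vd_next come from the on-disk record and are set by the
   swap routine; vd_bfd and everything after it is bookkeeping the swap
   routine never touches.  The offsetof() bound below relies on exactly
   this ordering. */
struct verdef
{
  unsigned short vd_version;
  unsigned short vd_flags;
  unsigned short vd_ndx;
  unsigned short vd_cnt;
  unsigned long  vd_hash;
  unsigned long  vd_aux;
  unsigned long  vd_next;
  void          *vd_bfd;       /* first field NOT set by swap_verdef_in */
  struct verdef *vd_nextdef;
  void          *vd_auxptr;
  const char    *vd_nodename;
};

/* Constructed little-endian record laid out like Elf64_Verdef:
   four 16-bit halves followed by three 32-bit words (20 bytes). */
static const unsigned char sample_record[20] = {
  0x01, 0x00,              /* vd_version = 1 */
  0x00, 0x00,              /* vd_flags   = 0 */
  0x02, 0x00,              /* vd_ndx     = 2 */
  0x00, 0x00,              /* vd_cnt     = 0: no aux entries, no name */
  0x78, 0x56, 0x34, 0x12,  /* vd_hash    = 0x12345678 */
  0x14, 0x00, 0x00, 0x00,  /* vd_aux     = 20 */
  0x00, 0x00, 0x00, 0x00,  /* vd_next    = 0 */
};

static unsigned long get16 (const unsigned char *p)
{ return p[0] | ((unsigned long) p[1] << 8); }
static unsigned long get32 (const unsigned char *p)
{ return get16 (p) | (get16 (p + 2) << 16); }

/* Stand-in for _bfd_elf_swap_verdef_in: decodes the on-disk fields into
   the caller's temporary and leaves every other field untouched. */
static void swap_verdef_in (const unsigned char *raw, struct verdef *dst)
{
  dst->vd_version = (unsigned short) get16 (raw);
  dst->vd_flags   = (unsigned short) get16 (raw + 2);
  dst->vd_ndx     = (unsigned short) get16 (raw + 4);
  dst->vd_cnt     = (unsigned short) get16 (raw + 6);
  dst->vd_hash    = get32 (raw + 8);
  dst->vd_aux     = get32 (raw + 12);
  dst->vd_next    = get32 (raw + 16);
}

/* Models one iteration of the slurp loop.  full_copy selects the pre-patch
   sizeof() memcpy instead of the offsetof(vd_bfd) bound; init_nodename
   selects the second hunk's explicit store.  Returns the vd_nodename the
   calloc'd slot ends up with, so the four combinations can be compared. */
const char *slurp_one (int full_copy, int init_nodename)
{
  struct verdef *arr = calloc (4, sizeof *arr);   /* all fields start at 0 */
  struct verdef tmp;
  struct verdef *slot;
  const char *result;

  /* Deterministic stand-in for stale stack contents in the temporary. */
  memset (&tmp, 0xAA, sizeof tmp);
  swap_verdef_in (sample_record, &tmp);

  slot = &arr[tmp.vd_ndx - 1];
  if (full_copy)
    memcpy (slot, &tmp, sizeof *slot);                     /* before */
  else
    memcpy (slot, &tmp, offsetof (struct verdef, vd_bfd)); /* after */
  slot->vd_bfd = (void *) slot;                            /* any owner */

  if (init_nodename)
    slot->vd_nodename = NULL;                              /* second hunk */
  if (slot->vd_cnt)
    slot->vd_nodename = "from aux entry";  /* never reached: vd_cnt == 0 */

  result = slot->vd_nodename;
  free (arr);
  return result;
}

int main (void)
{
  printf ("full copy, no init : %s\n", slurp_one (1, 0) ? "garbage" : "NULL");
  printf ("bounded copy       : %s\n", slurp_one (0, 0) ? "garbage" : "NULL");
  printf ("full copy + init   : %s\n", slurp_one (1, 1) ? "garbage" : "NULL");
  printf ("both changes       : %s\n", slurp_one (0, 1) ? "garbage" : "NULL");
  return 0;
}
```

Only the pre-patch combination (full copy without the explicit store) leaves a non-NULL pointer in the slot, which is the uninitialized value the reporter's AddressSanitizer build tripped over; each hunk on its own yields NULL, matching the "either change is sufficient" claim.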